by briHass 868 days ago
Exactly. An attacker that has full access to the device can get past encrypted TPM parameters; it would just slow them down. The best method is pre-boot auth, where the TPM itself requires a PIN to release the keys. Windows doesn't use that by default, but it can be enabled.